According to Chainalysis’ new Crypto Crime Report, the volume of crime-related transactions rose for the second consecutive year, hitting an all-time high of $20.6 billion in 2022. This is a small share of the total volume of the crypto market, less than 1%. The report also states that 2022 was the biggest year for crypto thieves, with $3.8 billion stolen from various services and protocols, $775.7 million of which was stolen in October alone. However, the total revenue of scammers and ransomware hackers declined. This report provides an insight into the current state of crypto crime and highlights the need for increased security measures to protect users and their funds.
DeFi protocols have become a major target for hackers, with 82.1% of all stolen funds taken from these protocols in 2021. Cross-chain bridges, which allow users to trade assets between two different blockchains, are particularly attractive targets for hackers due to the large, centralized repositories of funds backing the assets. Oracle manipulation is a growing trend in DeFi hacks, where an attacker compromises the mechanisms by which a decentralized protocol gets a price for traded assets, and creates favorable conditions for profitable trades. In 2022, DeFi protocols lost $386.2 million in 41 separate oracle manipulation attacks. As DeFi protocols become more popular, it is important to be aware of the risks associated with them and to take steps to protect against potential attacks.
Avraham Eisenberg was arrested and is facing commodity manipulation charges in U.S. court for an alleged exploit of Mango Markets. In 2022, North Korean hackers from the Lazarus group broke their own record by stealing $1.7 billion from several victims. Most of the money was sent to decentralized exchanges and mixers such as Tornado Cash, Blender.io, and Sinbad. Elliptic, a blockchain intelligence firm, believes that Sinbad may have been launched by the same team that ran Blender. This case highlights the importance of cyber security and the need to be aware of potential exploits.
Sanctions have a major impact on illicit transactions, according to a report from Chainalysis. 43% of all illicit transaction volume in 2022 was associated with sanctioned entities. The majority of these transactions were related to Garantex, a Russian exchange, but compliance professionals still consider these transactions as illicit activity. Sanctions have a significant effect on the amount of illicit money flows, and it is important to take this into account when assessing the overall illicit transactions statistics.
In 2022, the U.S. sanctioned four Russian services for their involvement in darknet activities: Hydra, Garantex, Blender.io, and Tornado Cash. While these services have been linked to criminal activity, the majority of their funds are not from illicit sources. According to Chainalysis, only 6.1% of Garantex’s funds and 34% of Tornado Cash’s funds come from criminal sources, which is 20 times more than centralized exchanges. The U.S. is taking a hard stance against these services in order to protect citizens from the potential risks associated with darknet activities.
Sanctions imposed by the U.S. Office of Foreign Assets Control (OFAC) on mixers Tornado Cash and Blender.io last year have had a significant impact on the crypto industry. According to Chainalysis, the sanctions have seriously curbed the flow of funds into Tornado Cash, and have also reduced the popularity of mixers in general. In 2022, only $7.8 billion in crypto passed through mixers, compared to $11.5 billion in 2021. Despite the sanctions, Garantex remained as active as it used to be, and saw even more incoming funds from known scams and darknet shops. The sanctions were imposed because both services had been actively used by the North Korean hacker group Lazarus.
Cryptocurrency infrastructure is still vulnerable to ransomware hackers, according to Chainalysis. Despite increased attention from law enforcement, centralized crypto exchanges remain the primary destination for criminal funds. This means that criminals are still able to launder money through these exchanges, making it difficult to track and prevent money laundering activities. To combat this, Chainalysis recommends that crypto exchanges implement more stringent anti-money laundering measures, such as enhanced customer due diligence and transaction monitoring. This will help to reduce the risk of money laundering and ensure that criminals are unable to use crypto exchanges for their illicit activities.
Hackers are increasingly using decentralized finance (DeFi) platforms for money laundering, according to a new report. These platforms are attractive to criminals because they allow them to swap tokens that aren’t listed on other exchanges for more liquid crypto assets. Cybercriminals also use darknet platforms, mixers and centralized exchanges with weak KYC (Know Your Customer) protections, such as Bitzlato, which had its founder and some other staff members arrested in January. The report highlights the need for improved security measures to protect DeFi protocols from malicious actors and to ensure that users’ funds are safe. It also suggests that exchanges should implement stronger KYC measures to prevent criminals from laundering their stolen funds.
Deadbolt, a ransomware strain active in 2022, targeted small businesses and individuals, collecting over $2.3 million from 4,923 victims. On average, each victim paid around $476. The group sent decryption keys to their victims by triggering an automatic transaction sending back a small amount of bitcoin (around $1) with the decryption key written into the OP_RETURN field of the transaction data. This is an example of a double-spend, where the same bitcoin is spent twice, once to the ransomware group and once to the victim. This case highlights the need for improved security measures to protect against double-spending and other malicious activities.
The Dutch Royal Police used the replace-by-fee mechanism to investigate a group of hackers and get decryption keys for a dozen victims without them having to pay. Replace-by-fee is a mechanism that allows a transaction in the Bitcoin blockchain to be replaced with a new one with a higher fee. The police sent payout transactions to the hackers, received the decryption keys, and then reverted the payouts using the replace-by-fee mechanism, so they could investigate the group without the victims having to part with their money.
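The two mechanisms described above (data carried in an OP_RETURN output, and replace-by-fee) can both be read straight off a serialized transaction. The following is an added example, not code from Chainalysis or the police investigation: it assumes legacy (non-SegWit) serialization, the function names are hypothetical, and the sample transaction and its 16-byte payload are constructed.

```python
OP_RETURN, OP_PUSHDATA1 = 0x6A, 0x4C

def read_varint(buf, pos):
    """Decode a Bitcoin CompactSize integer; return (value, next_pos)."""
    first = buf[pos]
    if first < 0xFD:
        return first, pos + 1
    width = {0xFD: 2, 0xFE: 4, 0xFF: 8}[first]
    return int.from_bytes(buf[pos + 1:pos + 1 + width], "little"), pos + 1 + width

def op_return_payload(script):
    """Return the first data push of an OP_RETURN script, else None."""
    if len(script) < 2 or script[0] != OP_RETURN:
        return None
    length, pos = script[1], 2
    if length == OP_PUSHDATA1 and len(script) > 2:
        length, pos = script[2], 3           # one-byte explicit length
    elif not 1 <= length <= 75:              # otherwise must be a direct push
        return None
    data = script[pos:pos + length]
    return data if len(data) == length else None  # reject truncated pushes

def inspect_tx(raw):
    """Return (signals_rbf, [op_return payloads]) for a legacy serialized tx."""
    if raw[4] == 0:
        raise ValueError("SegWit serialization is not handled in this example")
    n_in, pos = read_varint(raw, 4)          # 4 bytes of version come first
    sequences = []
    for _ in range(n_in):
        slen, pos = read_varint(raw, pos + 36)   # skip 36-byte outpoint
        pos += slen                               # skip scriptSig
        sequences.append(int.from_bytes(raw[pos:pos + 4], "little"))
        pos += 4
    n_out, pos = read_varint(raw, pos)
    payloads = []
    for _ in range(n_out):
        slen, pos = read_varint(raw, pos + 8)    # skip 8-byte value
        payload = op_return_payload(raw[pos:pos + slen])
        pos += slen
        if payload is not None:
            payloads.append(payload)
    # BIP125: any input with nSequence < 0xfffffffe opts in to replacement.
    # Nodes running a full-RBF policy may replace non-signaling txs as well.
    return any(s < 0xFFFFFFFE for s in sequences), payloads

# Constructed sample: one input (nSequence 0xfffffffd), one OP_RETURN output.
SAMPLE_KEY = "00112233445566778899aabbccddeeff"
SAMPLE_TX = bytes.fromhex(
    "01000000" + "01" + "00" * 36 + "00" + "fdffffff"
    + "01" + "00" * 8 + "12" + "6a10" + SAMPLE_KEY + "00000000")
```

A recipient that acts on an unconfirmed transaction can use the first return value as a signal that the payment may still be replaced before it confirms.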